CN104915607B - A cryptographic data processing and exchange method based on a mobile terminal - Google Patents
- Publication number
- CN104915607B, CN201510214649.8A
- Authority
- CN
- China
- Prior art keywords
- data
- applications client
- processing
- cipher processing
- program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The present invention relates to a cryptographic data processing and exchange method based on a mobile terminal. The method is as follows: if an application client needs cryptographic processing of data while interacting with an application system, the application client or an API it calls displays the data to be cryptographically processed in the form of a barcode; the user scans the displayed barcode with a mobile terminal; a cryptographic processing program run by the user on the mobile terminal obtains the data to be processed from the barcode, processes it using the user key stored in the mobile terminal, and, depending on whether the processed data is sensitive, submits it to a password intermediary system in the form of an encrypted or unencrypted registered data packet; the application client, the API it calls, or the application system retrieves the registered data packet from the password intermediary system and thereby obtains the processed data. The method allows a mobile terminal to be used as a cryptographic device for the cryptographic processing of data.
Description
Technical field
The invention belongs to the field of information security technology, and in particular concerns a cryptographic data processing and exchange method based on a mobile terminal.
Background art
A problem frequently encountered in applications that use cryptographic techniques is which scheme to adopt for storing and using user keys. At present, user keys are generally stored and used under one of the following two schemes.
The first, which is the simplest and also the most commonly used, stores the user key on the user's computer and uses a software cryptographic module to perform cryptographic processing (including encryption, decryption, signing and signature verification) on data with the user key. The problems with this scheme are that it is not suitable for use on public computers, and that a user who uses his or her own key on different computers must copy and store the key across those computers, which is very inconvenient for the user.
The other scheme uses a dedicated cryptographic hardware device (such as a USB Key) to store the user key and performs cryptographic processing on data with the user key inside the hardware device. The greatest advantage of this scheme is security, and the user can perform cryptographic processing on data with his or her own key on different computers. The problems with this scheme are that a cryptographic hardware device such as a USB Key incurs extra cost, and that in Internet cafes the USB ports of many computers are sealed off, so cryptographic hardware devices cannot be used.
At present, nearly every user owns a mobile terminal (mobile computing device) such as a mobile phone or tablet computer, and these phones and tablets can serve as devices for key storage and for the cryptographic processing of data. Although this scheme of storing and using keys on a mobile terminal is not as secure as the scheme using a dedicated cryptographic hardware device, its security is sufficient for ordinary applications (for example, applications that do not involve money, or that involve only small amounts of money). If the mobile terminal is used as the device for storing and using the user key, two problems need to be solved: when the user interacts with an application system through an application client on a computer, how is the data requiring cryptographic processing sent to the mobile terminal? And how does the application system obtain the data after it has been cryptographically processed by the mobile terminal?
Summary of the invention
The purpose of the present invention is to address the problems of using dedicated cryptographic hardware devices by proposing a cryptographic data processing and exchange scheme in which a mobile terminal serves as the user key storage and cryptographic processing device.
To achieve this purpose, the technical scheme proposed by the present invention is:
A cryptographic data processing and exchange method based on a mobile terminal, the method being as follows:
A cryptographic processing program is installed on the user's mobile terminal, and the user's key is stored in the mobile terminal. The mobile terminal is a portable mobile computing device (such as a mobile communication terminal or tablet computer); the user's mobile terminal has a camera and a barcode scanning program (a dynamic library, class library or independently running program) for scanning barcodes and reading barcode data; the user key includes a symmetric key and/or an asymmetric key; the cryptographic processing program is a program (i.e. an app) that runs on the user's mobile terminal and performs cryptographic processing on data; the cryptographic processing includes encryption, decryption, digital signature and signature verification; digital signature and signature verification include symmetric-key digital signature and signature verification as well as asymmetric-key digital signature and signature verification; the cryptographic processing program calls the barcode scanning program on the mobile terminal to obtain data displayed in barcode form;
The user accesses the application system using an application client running on a computer;
If the application client needs cryptographic processing of data while interacting with the application system, the application client or the API it calls passes, by means of a barcode, the data to be cryptographically processed and the data that identifies the processed data to the cryptographic processing program running on the user's mobile terminal; the cryptographic processing program performs cryptographic processing on the data using the user key stored in the mobile terminal; after completing the cryptographic processing, the program submits the processed data to the password intermediary system for storage in the form of a registered data packet, and the data identifying the processed data is converted into the identification data of the registered data packet; the application client, the API it calls, or the application system obtains from the password intermediary system, according to the identification data of the registered data packet, the registered data packet submitted by the cryptographic processing program, and thereby obtains the processed data; if the processed data is sensitive data, the registered data packet submitted to the password intermediary system is encrypted by the cryptographic processing program, and the application client or the API it calls, while passing the data to be processed to the program by barcode, also passes by barcode the secret data used to encrypt the processed data; and after the application client, the API it calls, or the application system obtains the registered data packet submitted by the program, it decrypts the encrypted registered data packet using that secret data;
The API called by the application client is an API (application programming interface) program (such as a dynamic library, component or class library) that the application client calls to process data, including a cryptographic processing API; the password intermediary system is a system that serves as a data transfer bridge; it is either an independently running system or a component of the application system; the password intermediary system keeps each received registered data packet in memory or in a database for a predetermined retention period (such as 30 seconds), and once the retention period has elapsed it deletes the stored registered data packet from memory or the database; alternatively, after a stored registered data packet has been retrieved more than a predetermined number of times, the password intermediary system deletes it from memory or the database.
As can be seen from the above description, with the method of the present invention the user can use a mobile terminal as a portable key storage and cryptographic processing device, and the cryptographically processed data is transferred to the application client or the application system through the password intermediary system. The user needs no dedicated cryptographic hardware device, which is convenient for the user, incurs no extra cost, and works in environments without USB ports.
Brief description of the drawings
Fig. 1 is a schematic flow diagram of embodiment one or embodiment two of the present invention.
Fig. 2 is a schematic flow diagram of embodiment three or embodiment four of the present invention.
Detailed description of the embodiments
The invention is further described below with reference to the accompanying drawings and embodiments.
Depending on whether the cryptographically processed data is sensitive and must be kept confidential or is not sensitive and need not be kept confidential, and on whether the entity that directly obtains the processed data is the application system or the application client, the present invention has the following four specific embodiments.
Embodiment one:
If the cryptographically processed data is sensitive and must be kept confidential, and the entity that directly obtains the processed data is the application system, the method is implemented as follows:
If the application client needs cryptographic processing of data while interacting with the application system, then the user, the application client or the API it calls, the cryptographic processing program and the password intermediary system handle the data to be cryptographically processed as follows:
Step 1: The application client or the API it calls displays the data to be processed and a data exchange key in the form of a barcode; the data exchange key is both the secret data used to encrypt the processed data and the data used to identify the processed data;
Step 2: The user scans the barcode displayed on the user's computer with the mobile terminal on which the cryptographic processing program is running;
Step 3: The cryptographic processing program obtains the data to be processed and the data exchange key from the scanned barcode;
Step 4: The cryptographic processing program performs cryptographic processing on the data using the user key stored in the mobile terminal, producing the cryptographically processed data;
Step 5: The cryptographic processing program encrypts the processed data with the data exchange key obtained from the barcode, or with a key derived from the data exchange key, to form a registered data packet; the program applies a one-way irreversible function to the data exchange key obtained from the barcode, uses the resulting data as the identification code of the registered data packet, and submits the registered data packet with its identification code to the password intermediary system;
Step 6: The password intermediary system stores the received registered data packet in memory or in a database;
Step 7: The application client or the API it calls applies the same one-way irreversible function to the data exchange key and, using the resulting data as the identification code of the registered data packet, obtains from the password intermediary system the registered data packet with the corresponding (i.e. identical) identification code; the application client or the API it calls then decrypts the obtained registered data packet with the data exchange key or with the key derived from the data exchange key, obtaining the processed data;
If the application client needs to submit the processed data to the application system, step 8 is performed; otherwise, the cryptographic processing ends;
Step 8: The application client submits the obtained processed data to the application system.
Embodiment two:
If the cryptographically processed data is not sensitive and need not be kept confidential, and the entity that directly obtains the processed data is the application system, the method is implemented as follows:
If the application client needs cryptographic processing of data while interacting with the application system, then the user, the application client or the API it calls, the cryptographic processing program and the password intermediary system handle the data to be cryptographically processed as follows:
Step 1: The application client or the API it calls displays the data to be processed and a data identification code in the form of a barcode; the data identification code is the data used to identify the processed data;
Step 2: The user scans the barcode displayed on the user's computer with the mobile terminal on which the cryptographic processing program is running;
Step 3: The cryptographic processing program obtains the data to be processed and the data identification code from the scanned barcode;
Step 4: The cryptographic processing program performs cryptographic processing on the data using the user key stored in the mobile terminal, and forms the processed data into a registered data packet;
Step 5: The cryptographic processing program uses the data identification code obtained from the barcode, or data derived from the data identification code, as the identification code of the registered data packet, and submits the registered data packet with its identification code to the password intermediary system;
Step 6: The password intermediary system stores the received registered data packet in memory or in a database;
Step 7: The application client or the API it calls uses the data identification code, or the data derived from the data identification code (by the same method), as the identification code of the registered data packet to obtain from the password intermediary system the registered data packet with the corresponding (i.e. identical) identification code, thereby obtaining the processed data;
If the application client needs to submit the processed data to the application system, step 8 is performed; otherwise, the cryptographic processing ends;
Step 8: The application client submits the obtained processed data to the application system.
Embodiment three:
If the cryptographically processed data is sensitive and must be kept confidential, and the entity that directly obtains the processed data is the application client, the method is implemented as follows:
If the application client needs cryptographic processing of data while interacting with the application system, then the user, the application client or the API it calls, the cryptographic processing program and the password intermediary system handle the data to be cryptographically processed as follows:
Step 1: The application client or the API it calls displays the data to be processed and a data exchange key in the form of a barcode; the data exchange key is both the secret data used to encrypt the processed data and the data used to identify the processed data;
Step 2: The user scans the barcode displayed on the user's computer with the mobile terminal on which the cryptographic processing program is running;
Step 3: The cryptographic processing program obtains the data to be processed and the data exchange key from the scanned barcode;
Step 4: The cryptographic processing program performs cryptographic processing on the data using the user key stored in the mobile terminal, producing the cryptographically processed data;
Step 5: The cryptographic processing program encrypts the processed data with the data exchange key obtained from the barcode, or with a key derived from the data exchange key, to form a registered data packet; the program applies a one-way irreversible function to the data exchange key obtained from the barcode, uses the resulting data as the identification code of the registered data packet, and submits the registered data packet with its identification code to the password intermediary system;
Step 6: The password intermediary system stores the received registered data packet in memory or in a database;
Step 7: The application system applies the same one-way irreversible function to the data exchange key and, using the resulting data as the identification code of the registered data packet, obtains from the password intermediary system the registered data packet with the corresponding (i.e. identical) identification code;
If the application system needs to use the processed data, step 8 is performed; otherwise, execution proceeds to step 9;
Step 8: The application system decrypts the registered data packet with the data exchange key or with a key derived from the data exchange key, obtaining the processed data;
If the application client or the API it calls needs to use the processed data, execution continues with step 9; otherwise, the cryptographic processing ends;
Step 9: The application client or the API it calls obtains the registered data packet from the application system; the application client decrypts the obtained registered data packet with the data exchange key or with a key derived from the data exchange key, obtaining the processed data.
Embodiment four:
If the cryptographically processed data is not sensitive and need not be kept confidential, and the entity that directly obtains the processed data is the application client, the method is implemented as follows:
If the application client needs cryptographic processing of data while interacting with the application system, then the user, the application client or the API it calls, the cryptographic processing program and the password intermediary system handle the data to be cryptographically processed as follows:
Step 1: The application client or the API it calls displays the data to be processed and a data identification code in the form of a barcode; the data identification code is the data used to identify the processed data;
Step 2: The user scans the barcode displayed on the user's computer with the mobile terminal on which the cryptographic processing program is running;
Step 3: The cryptographic processing program obtains the data to be processed and the data identification code from the scanned barcode;
Step 4: The user, through the cryptographic processing program, performs cryptographic processing on the data using the user key stored in the mobile terminal, and forms the processed data into a registered data packet;
Step 5: The cryptographic processing program uses the data identification code obtained from the barcode, or data derived from the data identification code, as the identification code of the registered data packet, and submits the registered data packet with its identification code to the password intermediary system;
Step 6: The password intermediary system stores the received registered data packet in memory or in a database;
Step 7: The application system uses the data identification code, or the data derived from the data identification code (by the same method), as the identification code of the registered data packet to obtain from the password intermediary system the registered data packet with the corresponding (i.e. identical) identification code, and obtains the processed data;
If the application client or the API it calls needs to use the processed data, step 8 is performed; otherwise, the cryptographic processing ends;
Step 8: The application client or the API it calls obtains the processed data from the application system.
The data exchange key in embodiment one and embodiment three can be generated as follows:
A randomly generated string is merged with a user identifier (such as an account name) or with the network MAC address of the computer on which the application client runs, and the resulting data is used as the data exchange key; or the randomly generated string is merged with the user identifier or with that network MAC address, the merged data is processed by a one-way irreversible function, and the resulting data is used as the data exchange key; or the session identifier of the session connection between the application client and the application system is used as the data exchange key.
The data exchange key in embodiment three is generated either by the application client or the API it calls (i.e. on the client side) or by the application system (i.e. on the server side). If the data exchange key is generated by the application client or the API it calls, then before the application system obtains the registered data packet from the password intermediary system, the application client submits the data exchange key to the application system (through a user operation or automatically). If the data exchange key is generated by the application system, then before the application client or the API it calls displays the data exchange key in barcode form, the application system returns the data exchange key to the application client.
The data identification code in embodiment two or embodiment four can be generated as follows:
A randomly generated string is merged with a user identifier (such as an account name) or with the network MAC address of the computer on which the application client runs, and the resulting data is used as the data identification code; or the randomly generated string is merged with the user identifier or with that network MAC address, the merged data is processed by a one-way irreversible function, and the resulting data is used as the data identification code; or the session identifier of the session connection between the application client and the application system is used as the data identification code.
The data identification code in embodiment four can be generated either by the application client or the API it calls (i.e. on the client side) or by the application system (i.e. on the server side). If the data identification code is generated by the application client or the API it calls, then before the application system obtains the registered data packet from the password intermediary system, the application client submits the data identification code to the application system (through a user operation or automatically). If the data identification code is generated by the application system, then before the application client or the API it calls displays the data identification code in barcode form, the application system returns the data identification code to the application client.
In embodiment three or embodiment four, if the application system is a Web application system and the API called by the application client (i.e. the browser) needs to obtain the cryptographically processed data from the application system, then when calling the API the application client passes the session identifier of the session connection between the application client and the application system to the called API; when the API called by the application client obtains the registered data packet or the processed data from the application system, it submits that session identifier to the application system in the same way that the application client submits session identifiers.
For the barcode, a QR code can be used. Generating QR codes is now mature technology. The QR code image can be generated on the server side by the application system or on the client side by the application client; if the application client calls a local API to perform cryptographic processing on data, the image can also be generated by the local API called by the application client. Wherever it is generated, many tools are available, including free tools (obtainable from the network).
For the one-way irreversible function, a hash function can be used.
To derive, from the data exchange key, the key used to encrypt the cryptographically processed data, a one-way irreversible function such as a hash function can be applied to the data exchange key, and the key is obtained from the resulting data. Similarly, to derive the identification code of the registered data packet from the data identification code, a one-way irreversible function such as a hash function can be applied to the data identification code, and the resulting data is used as the identification code of the registered data packet.
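The steps of embodiment one, combined with the hash-based derivation just described and the intermediary's retention limits, can be exercised end to end. The following is an added example, not code from the patent. Its assumptions: SHA-256 is the one-way function, the barcode payload is JSON with hypothetical fields `data` and `xk`, HMAC-SHA256 stands in for a symmetric-key signature, and a standard-library HMAC keystream with encrypt-then-MAC stands in for an AEAD cipher such as AES-GCM. The distinct labels keep the packet identification code, which the intermediary sees, different from the derived encryption key.

```python
import hashlib
import hmac
import json
import secrets
import time

def h(label, data):
    """One-way function (SHA-256); the label makes each derived value distinct."""
    return hashlib.sha256(label + b"\x00" + data).digest()

def new_exchange_key(user_id):
    # Random string merged with the user identifier, then hashed.
    return h(b"exchange-key", secrets.token_bytes(32) + user_id.encode())

def packet_id(exchange_key):
    # Identification code of the registered data packet: a one-way function of
    # the exchange key, so the intermediary never sees the key itself.
    return h(b"packet-id", exchange_key).hex()

def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(exchange_key, plaintext):
    """Encrypt-then-MAC under keys derived from the exchange key (assumed
    stdlib stand-in for an AEAD such as AES-GCM)."""
    enc_key, mac_key = h(b"enc", exchange_key), h(b"mac", exchange_key)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(exchange_key, blob):
    enc_key, mac_key = h(b"enc", exchange_key), h(b"mac", exchange_key)
    if len(blob) < 48:
        raise ValueError("registered data packet too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("registered data packet failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

class Intermediary:
    """Hypothetical in-memory intermediary: packets are indexed by
    identification code and kept for a limited time and number of fetches."""
    def __init__(self, ttl=30.0, max_fetches=1, clock=time.monotonic):
        self.ttl, self.max_fetches, self.clock = ttl, max_fetches, clock
        self._store = {}

    def submit(self, pid, blob):
        self._store[pid] = [blob, self.clock() + self.ttl, 0]

    def fetch(self, pid):
        entry = self._store.get(pid)
        if entry is None:
            return None
        if self.clock() >= entry[1]:      # retention period elapsed
            del self._store[pid]
            return None
        entry[2] += 1
        if entry[2] >= self.max_fetches:  # fetch limit reached: delete
            del self._store[pid]
        return entry[0]

def client_barcode_payload(data, exchange_key):
    # Step 1: what the application client encodes into the barcode.
    return json.dumps({"data": data.hex(), "xk": exchange_key.hex()})

def mobile_process(payload, user_key):
    # Steps 3-5: read the barcode, process with the user key, seal the result.
    msg = json.loads(payload)
    data, xk = bytes.fromhex(msg["data"]), bytes.fromhex(msg["xk"])
    signature = hmac.new(user_key, data, hashlib.sha256).digest()
    return packet_id(xk), seal(xk, signature)

def client_collect(intermediary, exchange_key):
    # Step 7: recompute the identification code, fetch and decrypt.
    blob = intermediary.fetch(packet_id(exchange_key))
    return None if blob is None else unseal(exchange_key, blob)

def run_flow():
    user_key = secrets.token_bytes(32)           # stays on the mobile terminal
    relay = Intermediary()
    xk = new_exchange_key("alice")               # constructed sample user
    data = b"transfer order #1 (constructed sample)"
    pid, blob = mobile_process(client_barcode_payload(data, xk), user_key)
    relay.submit(pid, blob)                      # step 6
    result = client_collect(relay, xk)
    return result == hmac.new(user_key, data, hashlib.sha256).digest()

if __name__ == "__main__":
    print("signature recovered via intermediary:", run_flow())
```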
The cryptographic processing program can be developed with a development technology suited to the user's mobile terminal: for example, J2ME can be used for Android mobile terminals and Objective-C for iOS terminals. Current mobile terminals (including mobile phones and tablet computers) have cameras. Many barcode scanning apps, dynamic libraries and class libraries for mobile terminals are now available; the cryptographic processing program can use these barcode scanning apps directly, or use the various barcode scanning and recognition dynamic libraries and class libraries (or even ones developed in-house).
The cryptographic processing program generally uses the user key stored in the mobile terminal and performs the cryptographic processing of data through a cryptographic module. A cryptographic module therefore needs to be implemented on the mobile terminal; this module is responsible for key management, including key generation, storage and deletion, and for the cryptographic processing of data, including encryption, decryption, digital signature and signature verification.
The password intermediary system can be developed with any information system development technology, such as C/C++, J2EE or ASP.NET, together with a database technology such as MySQL, SQL Server or Oracle. For storing registered data packets, a scheme combining memory storage with database storage can be used: registered data packets are stored in memory preferentially, and if the registered data packets and data held in memory exceed a certain quantity, registered data packets are stored in the database. Registered data packets are indexed by identification code.
The interaction protocol among the cryptographic processing program, the application client, the application system and the password intermediary system can be self-defined.
Other specific technical implementation details not described here are well known to those skilled in the relevant art and are self-evident.
Claims (10)
1. A cryptographic data processing and exchange method based on a mobile terminal, characterized in that:
A cryptographic processing program is installed on the user's mobile terminal, and the user's key is stored in the mobile terminal; the mobile terminal is a portable mobile computing device; the user's mobile terminal has a camera and a barcode scanning program for scanning barcodes and reading barcode data; the user key includes a symmetric key and/or an asymmetric key; the cryptographic processing program is a program that runs on the user's mobile terminal and performs cryptographic processing on data; the cryptographic processing includes encryption, decryption, digital signature and signature verification; digital signature and signature verification include symmetric-key digital signature and signature verification as well as asymmetric-key digital signature and signature verification; the cryptographic processing program calls the barcode scanning program on the mobile terminal to obtain data displayed in barcode form;
The user accesses the application system using an application client running on a computer;
If the application client needs cryptographic processing of data while interacting with the application system, the application client or the API it calls passes, by means of a barcode, the data to be cryptographically processed and the data that identifies the processed data to the cryptographic processing program running on the user's mobile terminal; the cryptographic processing program performs cryptographic processing on the data using the user key stored in the mobile terminal; after completing the cryptographic processing, the program submits the processed data to the password intermediary system for storage in the form of a registered data packet, and the data identifying the processed data is converted into the identification data of the registered data packet; the application client, the API it calls, or the application system obtains from the password intermediary system, according to the identification data of the registered data packet, the registered data packet submitted by the cryptographic processing program, and thereby obtains the processed data; if the processed data is sensitive data, the registered data packet submitted to the password intermediary system is encrypted by the cryptographic processing program, and the application client or the API it calls, while passing the data to be processed to the program by barcode, also passes by barcode the secret data used to encrypt the processed data; and after the application client, the API it calls, or the application system obtains the registered data packet submitted by the program, it decrypts the encrypted registered data packet using that secret data;
The API called by the application client is an API program that the application client calls to process data, including a cryptographic processing API; the password intermediary system is a system that serves as a data transfer bridge; the password intermediary system is either an independently running system or a component of the application system; the password intermediary system keeps each received registered data packet in memory or in a database for a predetermined retention period, and once the retention period has elapsed it deletes the stored registered data packet from memory or the database; alternatively, after a stored registered data packet has been retrieved more than a predetermined number of times, the password intermediary system deletes it from memory or the database.
2. The mobile-terminal-based code data processing and exchange method according to claim 1, characterized in that:
If the application client needs to perform cipher processing on data while interacting with the application system, the user, the application client or the API called by the application client, the program, and the password intermediary system process the data to be cipher-processed as follows:
Step 1: The application client or the API called by the application client displays the data to be cipher-processed and a data exchange key in barcode form; the data exchange key serves both as the secret data used to encrypt the cipher-processed data and as the data that identifies the cipher-processed data;
Step 2: The user scans the barcode displayed on the user's computer with the mobile terminal on which the program runs;
Step 3: The program obtains the data to be cipher-processed and the data exchange key from the scanned barcode;
Step 4: The program performs cipher processing on the data to be cipher-processed using the user key stored in the mobile terminal, producing the cipher-processed data;
Step 5: The program encrypts the cipher-processed data, using the data exchange key obtained from the barcode or a key derived from the data exchange key, to form a registered data packet; the program processes the data exchange key obtained from the barcode with a one-way irreversible function, uses the resulting data as the identification code of the registered data packet, and submits the registered data packet with its identification code to the password intermediary system;
Step 6: The password intermediary system stores the received registered data packet in memory or a database;
Step 7: The application client or the API called by the application client processes the data exchange key with the same one-way irreversible function and uses the resulting data as the identification code to obtain the registered data packet with the corresponding identification code from the password intermediary system; the application client or the API called by the application client decrypts the obtained registered data packet using the data exchange key or a key derived from the data exchange key, obtaining the cipher-processed data;
If the application client needs to submit the cipher-processed data to the application system, step 8 is performed; otherwise, the cipher processing ends;
Step 8: The application client submits the obtained cipher-processed data to the application system.
3. The mobile-terminal-based code data processing and exchange method according to claim 1, characterized in that:
If the application client needs to perform cipher processing on data while interacting with the application system, the user, the application client or the API called by the application client, the program, and the password intermediary system process the data to be cipher-processed as follows:
Step 1: The application client or the API called by the application client displays the data to be cipher-processed and a data identification code in barcode form; the data identification code is the data that identifies the cipher-processed data;
Step 2: The user scans the barcode displayed on the user's computer with the mobile terminal on which the program runs;
Step 3: The program obtains the data to be cipher-processed and the data identification code from the scanned barcode;
Step 4: The program performs cipher processing on the data to be cipher-processed using the user key stored in the mobile terminal, and forms the cipher-processed data into a registered data packet;
Step 5: The program uses the data identification code obtained from the barcode, or data derived from the data identification code, as the identification code of the registered data packet, and submits the registered data packet with its identification code to the password intermediary system;
Step 6: The password intermediary system stores the received registered data packet in memory or a database;
Step 7: The application client or the API called by the application client uses the data identification code, or data derived from the data identification code, as the identification code to obtain the registered data packet with the corresponding identification code from the password intermediary system, thereby obtaining the cipher-processed data;
If the application client needs to submit the cipher-processed data to the application system, step 8 is performed; otherwise, the cipher processing ends;
Step 8: The application client submits the obtained cipher-processed data to the application system.
4. The mobile-terminal-based code data processing and exchange method according to claim 1, characterized in that:
If the application client needs to perform cipher processing on data while interacting with the application system, the user, the application client or the API called by the application client, the program, and the password intermediary system process the data to be cipher-processed as follows:
Step 1: The application client or the API called by the application client displays the data to be cipher-processed and a data exchange key in barcode form; the data exchange key serves both as the secret data used to encrypt the cipher-processed data and as the data that identifies the cipher-processed data;
Step 2: The user scans the barcode displayed on the user's computer with the mobile terminal on which the program runs;
Step 3: The program obtains the data to be cipher-processed and the data exchange key from the scanned barcode;
Step 4: The program performs cipher processing on the data to be cipher-processed using the user key stored in the mobile terminal, producing the cipher-processed data;
Step 5: The program encrypts the cipher-processed data, using the data exchange key obtained from the barcode or a key derived from the data exchange key, to form a registered data packet; the program processes the data exchange key obtained from the barcode with a one-way irreversible function, uses the resulting data as the identification code of the registered data packet, and submits the registered data packet with its identification code to the password intermediary system;
Step 6: The password intermediary system stores the received registered data packet in memory or a database;
Step 7: The application system processes the data exchange key with the same one-way irreversible function and uses the resulting data as the identification code to obtain the registered data packet with the corresponding identification code from the password intermediary system;
If the application system needs to use the cipher-processed data, step 8 is performed; otherwise, execution proceeds to step 9;
Step 8: The application system decrypts the obtained registered data packet using the data exchange key or a key derived from the data exchange key, obtaining the cipher-processed data;
If the application client or the API called by the application client needs to use the cipher-processed data, execution continues with step 9; otherwise, the cipher processing ends;
Step 9: The application client or the API called by the application client obtains the registered data packet from the application system; the application client decrypts the obtained registered data packet using the data exchange key or a key derived from the data exchange key, obtaining the cipher-processed data.
5. The mobile-terminal-based code data processing and exchange method according to claim 1, characterized in that:
If the application client needs to perform cipher processing on data while interacting with the application system, the user, the application client or the API called by the application client, the program, and the password intermediary system process the data to be cipher-processed as follows:
Step 1: The application client or the API called by the application client displays the data to be cipher-processed and a data identification code in barcode form; the data identification code is the data that identifies the cipher-processed data;
Step 2: The user scans the barcode displayed on the user's computer with the mobile terminal on which the program runs;
Step 3: The program obtains the data to be cipher-processed and the data identification code from the scanned barcode;
Step 4: The user, through the program, performs cipher processing on the data to be cipher-processed using the user key stored in the mobile terminal, and the cipher-processed data is formed into a registered data packet;
Step 5: The program uses the data identification code obtained from the barcode, or data derived from the data identification code, as the identification code of the registered data packet, and submits the registered data packet with its identification code to the password intermediary system;
Step 6: The password intermediary system stores the received registered data packet in memory or a database;
Step 7: The application system uses the data identification code, or data derived from the data identification code, as the identification code to obtain the registered data packet with the corresponding identification code from the password intermediary system, and obtains the cipher-processed data;
If the application client or the API called by the application client needs to use the cipher-processed data, step 8 is performed; otherwise, the cipher processing ends;
Step 8: The application client or the API called by the application client obtains the cipher-processed data from the application system.
6. The mobile-terminal-based code data processing and exchange method according to claim 2 or 4, characterized in that:
The data exchange key is the data generated by combining a randomly generated string with the user identifier or with the network/MAC address of the computer on which the application client runs; or the data generated by applying a one-way irreversible function to the combination of a randomly generated string with the user identifier or with the network/MAC address of the computer on which the application client runs; or the session identifier of the session connection between the application client and the application system.
7. The mobile-terminal-based code data processing and exchange method according to claim 4, characterized in that:
The data exchange key is generated by the application client or the API called by the application client, or is generated by the application system; if the data exchange key is generated by the application client or the API called by the application client, the application client submits the data exchange key to the application system before the application system obtains the registered data packet from the password intermediary system; if the data exchange key is generated by the application system, the application system returns the data exchange key to the application client before the application client or the API called by the application client displays the data exchange key in barcode form.
8. The mobile-terminal-based code data processing and exchange method according to claim 3 or 5, characterized in that:
The data identification code is the data generated by combining a randomly generated string with the user identifier or with the network/MAC address of the computer on which the application client runs; or the data generated by applying a one-way irreversible function to the combination of a randomly generated string with the user identifier or with the network/MAC address of the computer on which the application client runs; or the session identifier of the session connection between the application client and the application system.
9. The mobile-terminal-based code data processing and exchange method according to claim 5, characterized in that:
The data identification code is generated by the application client or the API called by the application client, or is generated by the application system; if the data identification code is generated by the application client or the API called by the application client, the application client submits the data identification code to the application system before the application system obtains the registered data packet from the password intermediary system; if the data identification code is generated by the application system, the application system returns the data identification code to the application client before the application client or the API called by the application client displays the data identification code in barcode form.
10. The mobile-terminal-based code data processing and exchange method according to claim 4 or 5, characterized in that:
If the application system is a Web application system, and the API called by the application client needs to obtain the cipher-processed data from the application system, then the application client passes the session identifier of the session connection between the application client and the application system to the called API when calling it, and when the API called by the application client obtains the registered data packet or the cipher-processed data from the application system, it submits the session identifier of the session connection between the application client and the application system to the application system in the same way the application client submits the session identifier.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510214649.8A CN104915607B (en) | 2015-04-28 | 2015-04-28 | A kind of code data processing and exchange method based on mobile terminal |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104915607A (en) | 2015-09-16 |
CN104915607B (en) | 2018-02-09 |
Family
ID=54084667
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510214649.8A Active CN104915607B (en) | 2015-04-28 | 2015-04-28 | A kind of code data processing and exchange method based on mobile terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104915607B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105281916B (en) * | 2015-11-05 | 2018-09-25 | 武汉理工大学 | A kind of portable cryptographic system |
CN107402876A (en) * | 2016-05-18 | 2017-11-28 | 中兴通讯股份有限公司 | A kind of method and terminal of startup ADB debugging |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103647869A (en) * | 2013-11-14 | 2014-03-19 | 深圳创维数字技术股份有限公司 | Terminal pairing method, terminal and system |
CN103685557A (en) * | 2013-12-26 | 2014-03-26 | 金蝶软件(中国)有限公司 | Method and device for uploading and downloading file |
CN103679114A (en) * | 2014-01-06 | 2014-03-26 | 武汉瑞普思信息技术有限公司 | Method and system for obtaining mobile information based on two-dimensional codes |
CN104079404A (en) * | 2014-07-07 | 2014-10-01 | 北京深思数盾科技有限公司 | Sensitive data secure exchange method and system |
CN104142994A (en) * | 2014-07-30 | 2014-11-12 | 腾讯科技(深圳)有限公司 | Data list acquisition method, terminal and system |
CN104202163A (en) * | 2014-08-19 | 2014-12-10 | 武汉理工大学 | Password system based on mobile terminal |
Also Published As
Publication number | Publication date |
---|---|
CN104915607A (en) | 2015-09-16 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20211125 Address after: Room 401a, building 4, yard 7, Shangdi 8th Street, Haidian District, Beijing 100085 Patentee after: ITRUSCHINA CO.,LTD. Address before: 430070 Hubei Province, Wuhan city Hongshan District Luoshi Road No. 122 Patentee before: WUHAN University OF TECHNOLOGY |